Monday, February 5, 2018

Ledger warns users against possible attack...

A recently published study warns of how easy a possible "man in the middle" attack against Ledger users could be. In summary, it states:

"Ledger wallets generate the displayed receive address using JavaScript code running on the host machine. This means malware can simply replace the code responsible for generating the receive address with its own address, causing all future deposits to be sent to the attacker.

Because receive addresses are consistently changing as part of the usual activity of the wallet, the user has no trivial way (like recognizing his address) to verify the integrity of the receive address.

As far as he knows, the displayed receive address is his actual receive address"

While there are no reports of the method being used yet, the study provided a proof of concept, causing Ledger to agree with the findings and issue the following statement via Twitter:

It's important to note: this cannot be considered a 'security flaw' in Ledger, but rather the risk of plugging a Ledger into a malware-infected computer.

Ledger sold over 1 million hardware wallets in 2017 and is currently the most popular hardware cryptocurrency storage device.
Author: Ross Davis
San Francisco News Desk